I have just started to receive emails that the certificate expired. How do I go about fixing this?

Symptoms

I receive messages like:

################# SSL Certificate Warning ################ Certificate for plesk, in '/usr/local/psa/var/certificates/certX4i2yTS': The certificate needs to be renewed; this can be done using the 'genkey' program supplied with Red Hat Enterprise Linux. Browsers will not be able to correctly connect to this web site using SSL until the certificate is renewed.##################################################### Generated by certwatch(8)

Cause

This message is generated by 'certwatch' program that is run daily by crond from the /etc/cron.daily/certwatch file to warn about the imminent expiry of SSL certificates configured for use in the Apache HTTP server. If you receive this message, it means that the certificate listed in the message will expire. If you access the site with expired certificate, the browser shows the warning that the certificate expired and is not valid anymore.

Resolution

The certificate should be renewed. The name of certificate in Plesk CP can be found with the command:

Where CERT_FILE_NAME should be replaced with the real certificate file name from the message you received, in our example it is 'certX4i2yTS'. After that you can find this Ceritificare in Plesk CP and replace it with renewed one or generate Self-Signed certificate. Self-Signed certificate can be created with Server->Certificates->Add New Certificate->Self Signed.

If you do not wish to check certificates' expiration date and recevie such notification anymore, this can be disabled by adding the line: